Lost connection – again
This morning, none of the sites were accessible: the router didn’t respond at all. Luckily, I could access the router, and found that Diana, the main server, was connected and up and running. So I enabled SSH and could access the machine; WASD logs showed no reason of failure, but there was no access after 03:00 or thereabout. Accessing the logs using the external name however worked like a charm, so there is something else going on. It might have been an overload: Previously, some heavy access (POST to the blog login screen – which will fail at all times) and meny accesses on HyperReader, each from one addres, caused me to change the configuration logs so any attempt to connect will now fail.
After this change, all worked like it should. So it wasn’t WASD or Diana causing trouble. The event l,og of the router did show a reason:
21.04.15 03:05:19 The service provider successfully updated the firmware for this device.
21.04.15 03:05:15 The system time was updated successfully by time server 192.168.0.200.
21.04.15 03:05:14 IPv6 prefix obtained successfully. New prefix: 2001:980:ef9c::/48
21.04.15 03:05:14 IPv6 Internet connection established successfully. IP address: 2001:980:ef9c::1
21.04.15 03:05:14 Internet connection established successfully. IP address: 82.161.236.244, DNS server: 194.109.6.66 and 194.109.9.99, Gateway: 194.109.5.175, Broadband PoP: dr11.d12
21.04.15 03:05:05 Partition mounted in Freecom-DataBarUSB2-0-01
21.04.15 03:04:50 USB device 2002, class "USB 2.0 (full-speed) storage", plugged in
The router was restarted after a firmware update was installed – WITHOUT WARNING.
To get to know this, you actually need to log into the router – there is no external log… Nor is it possible to block unwanted networks. Hopefully, I’ll get my Draytek back soon – or a replacement.
10-Apr-2015
More router issues
Yesterday I switched routers: removed the Vigor, to be sent back to the supplier, and reinstalled the Fritzbox router of the ISP. However, intenet connection kept failing. Any access over wifi failed: though devices could connect to the router, an IP address was never supplied. That means the server could not reach the devices.
Today I found out the reason: the cable is broken, hopefully it is just a bad connector, because changing the cable is impossible.
There is another cable from the router to the network, that connects my TV to the swtich for that signal. For the time being I will use this link to connect the LAN to the router. It is not a big deal to miss TV on top, and replacing the faulty connection is simple, after which I will use it to reconnect my TV
06-Apr-2015
Server updated – and still access problems
I updated WASD and SSL to the latest versions and installed them. But than I encountered exactly the same problems as before yesterday: I could not access any of my sites. Since I have now a recent backup of my router, I restored it – but is didn’t help at all. Only by defining the sites in the hosts file on my workstation I can – and that works as long as I’m accessing the sites from the local network.
But that should not be the case!
As far as I can determine, looking at the webserver access log, the admin pages output and the router’s logging, other sites seem, top have no problem. Why I cannot, is a mystery.
But from this point, it looks as if this blog is extremely slow. It works, but that seem to be all. looking at the access log, there is a (Russian) site that POST to one of the xmlrpc.PHP file quite often. I blocked the site, not just the address, but it keeps getting through. So I blocked just the address.
05-Apr-2015
Router re-installation
A few days ago, all of s sudden, I could no longer access any of the sites from wherever I tried. SSH access failed as well, but I still could access the router; but PINGing the server from there went just right. No idea what had gone wrong.
Today I found out that it looked as if access from other sites was no problem at all, bouth router log and web-access log showed incoming traffic, but way less than normal.
To solve the problem start at the front side: so check the router. But as it turned out, I didn’t have any backup of the configuration available – though I did make them; They couldn’t be found. The only solution therefor was to make screenshots of the configuration screens, reboot to factory settings and re-install it to what was set before. It did take some time because, of course, I did forget a screen or two, but within an hour, I had it all working again – basically.
The only issue left was logging; there is still output missing, somehow. However, this has been solved as well.
So I made a backup of the current setting – just in case.
Next thing – that I left for now, because of the sheer amount of work – is redefining the objects to block. That will be done from now on.
01-Apr-2015
No surprises
No jokes either: The monthly maintenancejob revealed nothing special. Mail is fine as it is for months now:
PMAS statistics for March
Total messages : 5091 = 100.0 o/o
DNS Blacklisted : 0 = .0 o/o (Files: 0)
Relay attempts : 3933 = 77.2 o/o (Files: 31)
Accepted by PMAS : 1158 = 22.7 o/o (Files: 31)
Handled by explicit rule
Rejected : 363 = 31.3 o/o (processed), 7.1 o/o (all)
Accepted : 226 = 19.5 o/o processed), 4.4 o/o (all)
Handled by content
Discarded : 177 = 15.2 o/o (processed), 3.4 o/o (all)
Quarantained : 193 = 16.6 o/o (processed), 3.7 o/o (all)
Delivered : 199 = 17.1 o/o (processed), 3.9 o/o (all)
though Chinamen keep trying to relay when it is not allowed:
ANTIRELAY.-2015-03-05 1450 between 21:25-23:59 (from sina.com)
ANTIRELAY.-2015-03-06 335 between 00:00-00:36 (from sina.com)
ANTIRELAY.-2015-03-15 1680 between 04:54-07:55 (from 163.com)
ANTIRELAY.-2015-03-17 115 between 09:00-10:44 (from 126.com)
Just one “user” nllxiaonanzi111620 from these domains. Probably all forged, sent by a script or program on a server in this domain. I blocked 163.com already but they may use other ranges as well that are not blocked…
To be investigated – if time permitted, but my jobs takes far too much time, even in evenings and weekends (if anyone has another job (preferably in the VMS arena, drop me a line. I’m willing to move)
I have some testing to do for eCube: their Eclipse plugin for programming on OpenVMS from a Intel system (Windows or Linux) but there hardly is any possibility, timewise…